Symantec is warning customers of yet another zeroday exploit just two weeks after the last patch cycle which addressed some 10 issues.

"An attacker could exploit this issue via a malicious web page to potentially execute arbitrary code in the context of the currently logged-in user," said the advisory. "If the attack is successful, the executable content will be executed. Failed exploit attempts will likely crash the affected application."

Click to expand...

The exploit which hasn't been seen in the Wild yet, can also effect HTML in emails. Code that will crash the browser is published and its just a matter of time till functional code that will launch an executable is as well. Secunia has rated the flaw as highly critical.

While a column at PCMag labels IE as the biggest blunder in Microsoft's history.

I think it can now be safely said, in hindsight, that Microsoft's entry into the browser business and its subsequent linking of the browser into the Windows operating system looks to be the worst decision—and perhaps the biggest, most costly gaffe—the company ever made. I call it the Great Microsoft Blunder.